Investigating the Limits of SOAP Performance for Scientific Computing
HPDC '02 Proceedings of the 11th IEEE International Symposium on High Performance Distributed Computing
HPDC '03 Proceedings of the 12th IEEE International Symposium on High Performance Distributed Computing
A Community Authorization Service for Group Collaboration
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Performance Comparison of Security Mechanisms for Grid Services
GRID '04 Proceedings of the 5th IEEE/ACM International Workshop on Grid Computing
Instrument Element: A New Grid component that Enables the Control of Remote Instrumentation
CCGRID '06 Proceedings of the Sixth IEEE International Symposium on Cluster Computing and the Grid
Securing web services for deployment in health grids
Future Generation Computer Systems - Parallel input/output management techniques (PIOMT) in cluster and grid computing
A Performance Evaluation of Web Services Security
EDOC '06 Proceedings of the 10th IEEE International Enterprise Distributed Object Computing Conference
A framework model for grid security
Future Generation Computer Systems
Efficient task replication and management for adaptive fault tolerance in mobile Grid environments
Future Generation Computer Systems - Special section: Information engineering and enterprise architecture in distributed computing environments
Performance Comparison of Web Services Security: Kerberos Token Profile Against X.509 Token Profile
ICNS '07 Proceedings of the Third International Conference on Networking and Services
Fair Scheduling Algorithms in Grids
IEEE Transactions on Parallel and Distributed Systems
Managing service level agreement contracts in OGSA-based Grids
Future Generation Computer Systems
The many faces of the integration of instruments and the grid
International Journal of Web and Grid Services
An innovative workflow mapping mechanism for Grids in the frame of Quality of Service
Future Generation Computer Systems
Access control management for ubiquitous computing
Future Generation Computer Systems
A monitoring architecture for control grids
EGC'05 Proceedings of the 2005 European conference on Advances in Grid Computing
Editorial: Special section: Real-time attributes in grids
Future Generation Computer Systems
Semantic-based authorization architecture for Grid
Future Generation Computer Systems
| Hi-index | 0.00 |
Instrumentation Grids aim at controlling and managing heterogeneous resources & instruments securely, reliably and in near real-time. Within this context, we present a Web Services based Security Architecture that aims at improving security performance maintaining at the same time interoperability with legacy Grid Security Infrastructure (GSI). Our architecture utilizes GSI X.509 Certificates or Proxy Certificates (RFC3820) for the initial authentication of a user. However, it subsequently maps this identity to a Kerberos one and utilizes WS Security Kerberos Token Profile for embedding user credentials within WS exchange mechanisms. It then provides user authorization, thus realizing a complete AAI (Authentication & Authorization Infrastructure). In order to demonstrate and quantify the performance improvement achieved by our approach over a message exchange using X.509 Certificate Token Profile, we present comparative measurements on implementations of the two options. Our results demonstrate that the Kerberos message exchange schema exhibits up to 50% message throughput improvement, under high CPU load on the server.